IncludeOptional error "modsecurity_rules_file" directive Rules error #338

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Open

muuvmuuv opened this issue Jan 27, 2025 · 1 comment

muuvmuuv commented Jan 27, 2025

We have installed nginx-extras, libnginx-mod-http-modsecurity/stable,now 1.0.3-1+b2 and libnginx-mod-http-modsecurity/stable,now 1.0.3-1+b2.

Enabling (uncommenting) the ModSecurity lines produces the following error:

root@xxxxx:~# nginx -t
2025/01/27 09:43:06 [emerg] 80509#80509: "modsecurity_rules_file" directive Rules error. File: /etc/nginx/modsecurity_includes.conf. Line: 8. Column: 81. Invalid input:  IncludeOptional /etc/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf in /etc/nginx/sites-enabled/default.conf:26
nginx: configuration file /etc/nginx/nginx.conf test failed

I have tested that if I change IncludeOptional to just Include it works.

The text was updated successfully, but these errors were encountered:

Member

airween commented Jan 27, 2025

thanks for this report.
Unfortunately this is a know issue: libmodsecurity only knows Include, but not the IncludeOptional directive.

We should consider to add that.

# for free to join this conversation on GitHub. Already have an account? # to comment